diff options
| author | Emilia Kasper <emilia@openssl.org> | 2015-09-01 13:19:15 +0200 |
|---|---|---|
| committer | Emilia Kasper <emilia@openssl.org> | 2015-09-01 20:02:54 +0200 |
| commit | 5f623eb61655688501cb1817a7ad0592299d894a (patch) | |
| tree | ab695dbd1808c74703e26ad625c0baa49579d5ef | |
| parent | 542591740667b17642ad300c357b5d8045c8ccda (diff) | |
| download | openssl-5f623eb61655688501cb1817a7ad0592299d894a.tar.gz | |
RT 3493: fix RSA test
- Pass in the right ciphertext length to ensure we're indeed testing
ciphertext corruption (and not truncation).
- Only test one mutation per byte to not make the test too slow.
- Add a separate test for truncated ciphertexts.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 25d6b3401ca40c9a2cbe5080449c1c2a37037777)
| -rw-r--r-- | crypto/rsa/rsa_test.c | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c index e9712953e9..85c7440b8c 100644 --- a/crypto/rsa/rsa_test.c +++ b/crypto/rsa/rsa_test.c @@ -297,22 +297,30 @@ int main(int argc, char *argv[]) } else printf("OAEP encryption/decryption ok\n"); - /* Try decrypting corrupted ciphertexts */ + /* Try decrypting corrupted ciphertexts. */ for (n = 0; n < clen; ++n) { - int b; - unsigned char saved = ctext[n]; - for (b = 0; b < 256; ++b) { - if (b == saved) - continue; - ctext[n] = b; - num = RSA_private_decrypt(num, ctext, ptext, key, + ctext[n] ^= 1; + num = RSA_private_decrypt(clen, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); - if (num > 0) { - printf("Corrupt data decrypted!\n"); - err = 1; - } + if (num > 0) { + printf("Corrupt data decrypted!\n"); + err = 1; + break; } + ctext[n] ^= 1; } + + /* Test truncated ciphertexts, as well as negative length. */ + for (n = -1; n < clen; ++n) { + num = RSA_private_decrypt(n, ctext, ptext, key, + RSA_PKCS1_OAEP_PADDING); + if (num > 0) { + printf("Truncated data decrypted!\n"); + err = 1; + break; + } + } + next: RSA_free(key); } |